Error: CPPCHECK_WARNING (CWE-119): [#def1] dav1d-1.5.2/src/decode.c:3600: error[bufferAccessOutOfBounds]: Buffer is accessed out of bounds: c->refs[refidx].refpoc # 3598| f->ref_mvs_ref[i] = NULL; # 3599| } # 3600|-> memcpy(f->refrefpoc[i], c->refs[refidx].refpoc, # 3601| sizeof(*f->refrefpoc)); # 3602| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def2] dav1d-1.5.2/tools/dav1d.c:90:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’ dav1d-1.5.2/tools/dav1d.c:190:5: enter_function: entry to ‘main’ dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)... dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)... dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:324:16: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:326:13: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:328:17: call_function: calling ‘synchronize’ from ‘main’ # 88| .tv_nsec = d % 1000000000, # 89| }; # 90|-> nanosleep(&ts, NULL); # 91| #endif # 92| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] dav1d-1.5.2/tools/dav1d.c:90:5: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’ dav1d-1.5.2/tools/dav1d.c:190:5: enter_function: entry to ‘main’ dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)... dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)... dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:324:16: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:326:13: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:328:17: call_function: calling ‘synchronize’ from ‘main’ # 88| .tv_nsec = d % 1000000000, # 89| }; # 90|-> nanosleep(&ts, NULL); # 91| #endif # 92| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def4] dav1d-1.5.2/tools/dav1d.c:113:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’ dav1d-1.5.2/tools/dav1d.c:190:5: enter_function: entry to ‘main’ dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)... dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)... dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:324:16: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:326:13: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:328:17: call_function: calling ‘synchronize’ from ‘main’ # 111| const uint64_t frametime = *elapsed - last; # 112| fprintf(frametimes, "%" PRIu64 "\n", frametime); # 113|-> fflush(frametimes); # 114| } # 115| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] dav1d-1.5.2/tools/dav1d.c:113:9: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’ dav1d-1.5.2/tools/dav1d.c:190:5: enter_function: entry to ‘main’ dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)... dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch... dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)... dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:324:16: branch_false: following ‘false’ branch... dav1d-1.5.2/tools/dav1d.c:326:13: branch_false: ...to here dav1d-1.5.2/tools/dav1d.c:328:17: call_function: calling ‘synchronize’ from ‘main’ # 111| const uint64_t frametime = *elapsed - last; # 112| fprintf(frametimes, "%" PRIu64 "\n", frametime); # 113|-> fflush(frametimes); # 114| } # 115| }
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-225.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | dav1d-1.5.1-2.fc43 |
| diffbase-store-results-to | /tmp/tmp5v1ik73_/dav1d-1.5.1-2.fc43.tar.xz |
| diffbase-time-created | 2026-01-08 15:59:13 |
| diffbase-time-finished | 2026-01-08 16:02:07 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp5v1ik73_/dav1d-1.5.1-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp5v1ik73_/dav1d-1.5.1-2.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-225.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | dav1d-1.5.2-1.fc44 |
| store-results-to | /tmp/tmp91mrq4c_/dav1d-1.5.2-1.fc44.tar.xz |
| time-created | 2026-01-08 16:02:18 |
| time-finished | 2026-01-08 16:04:43 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp91mrq4c_/dav1d-1.5.2-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp91mrq4c_/dav1d-1.5.2-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |